CVE-2021-47422 in Linux
Summary
by MITRE • 05/21/2024
In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau/kms/nv50-: fix file release memory leak
When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 08/22/2025
The vulnerability identified as CVE-2021-47422 represents a memory management flaw within the Linux kernel's nouveau graphics driver implementation. This issue specifically affects the drm/nouveau/kms/nv50 subsystem where improper cleanup procedures lead to resource leakage. The vulnerability stems from a fundamental misunderstanding of the single_open() and single_release() function pairing within the kernel's file operations framework. When the single_open() function is invoked to open a file, it allocates memory structures that are intended to be freed by a corresponding single_release() call. However, in this particular implementation, the release function is not being called properly, resulting in a memory leak that persists throughout the system's operation.
The technical flaw manifests in the nouveau graphics driver's kernel module where the file operations structure does not properly handle the lifecycle of allocated resources. This type of memory leak falls under the category of improper cleanup operations and can be classified as a CWE-404: Improper Resource Management or CWE-772: Missing Release of Resource after Effective Lifetime. The vulnerability specifically impacts the nv50 graphics subsystem within the nouveau driver which is responsible for managing NVIDIA GeForce 50 series graphics hardware. When applications interact with graphics device files through the drm interface, the improper memory management causes allocation structures to remain in memory even after the file operations have completed, leading to gradual memory consumption over time.
The operational impact of this vulnerability extends beyond simple memory consumption as it represents a potential vector for resource exhaustion attacks. While the individual memory leak may appear minor, in systems running for extended periods or under heavy graphics workloads, the cumulative effect of multiple leaked memory segments can lead to system instability, reduced performance, and potentially system crashes. The vulnerability affects systems utilizing the nouveau open-source graphics driver, which is commonly found in Linux distributions that do not use proprietary NVIDIA drivers. This makes it particularly concerning for server environments, desktop systems, and embedded devices that rely on open-source graphics drivers for display functionality. The issue demonstrates a fundamental flaw in kernel module development practices where proper resource management patterns are not consistently applied, creating opportunities for attackers to exploit resource exhaustion scenarios.
Mitigation strategies for CVE-2021-47422 involve applying the kernel patch that correctly implements the single_release() function call in conjunction with single_open(). This requires developers to ensure that every single_open() invocation has a corresponding single_release() call within the file operations structure. The fix aligns with established kernel development practices and follows the ATT&CK framework's concept of privilege escalation through resource exhaustion attacks. System administrators should prioritize updating their kernel versions to include the patched implementation, particularly in environments where graphics-intensive applications are prevalent. The vulnerability also highlights the importance of code reviews and static analysis tools that can identify improper resource management patterns. Additionally, monitoring systems for unusual memory consumption patterns can serve as an early detection mechanism for similar resource leak vulnerabilities within kernel modules. Organizations should implement regular kernel updates as part of their security maintenance procedures to ensure protection against such memory management flaws that can compromise system stability and performance.